Splunk Tech Talks
Deep-dives for technical practitioners.

Getting Slack Data into Splunk

melissap
Splunk Employee
Splunk Employee

View our Tech Talk: Platform Edition, Getting Slack Data into Splunk on demand.

The Slack Audit Logs API is for monitoring the audit events happening in a Slack Enterprise Grid organization to ensure continued compliance, to safeguard against any inappropriate system access, and to allow the user to audit suspicious behavior within the enterprise.

This Tech Talk is a step by step tutorial on how to ingest your Slack data in Splunk, through the Splunk Add-on for Slack, which is an add-on that leverages the Slack Audit logs API to gain additional insight into your organization's security posture. 

Tune in to learn about:

  • Getting started with Splunk Cloud and getting your organization’s Slack data in Splunk
  • The value of Slack audit logs
  • How to use the Splunk add-on & application for Slack

Have more questions? Check out our Covid-19 conversations in Splunk Answers community for more!

melissap
Splunk Employee
Splunk Employee

Here are some additional resources for your journey.

1)Splunk COVID Response & Resources

https://www.splunk.com/en_us/solutions/covid19-response-overview.html

https://www.splunk.com/en_us/blog/partners/splunking-slack-audit-data

2)Splunkbase Apps & Add-ons

​RWI Executive App - https://splunkbase.splunk.com/app/4952/

​Slack Audit App for Splunk - https://splunkbase.splunk.com/app/5013/

​Slack Add-on for Splunk - https://splunkbase.splunk.com/app/4986/

​Event Timeline App - https://splunkbase.splunk.com/app/4370/

3)  Tim Tully’s Remote Work Insights Blog